Forum maintenance: Nov 2020

Talk about whatever you feel like.
User avatar
Martin Blank
Knower of Things
Knower of Things
Posts: 12684
Joined: Fri Feb 07, 2003 4:11 am
Real Name: Jarrod Frates
Gender: Male
Location: Dallas, TX

Forum maintenance: Nov 2020

Post by Martin Blank » Sat Nov 28, 2020 2:44 am

As some of you may have noticed, the forum had some downtime tonight. Here's all the fun that happened:
  • ISP moved us to a new set of IP addresses. Or, rather, one address out of five I'm supposed to get. The remaining four came in late, so expect some more downtime as I get the new addresses integrated.
  • Ran some server updates. Doesn't seem to have broken anything, but always keeping watch.
  • Noticed in some logs that HTTP/2 wasn't enabled in Apache2 because the prefork module (required for basic PHP functionality) breaks the http2 module. Changed that to PHP-FPM and now it works. PHP may also work faster, and possibly more securely by breaking some functionality out to a separate userspace.
  • I broke HTTPS by utterly failing to update the IP address in the site's .conf file. That took me 20 minutes to figure out even while staring at the .conf file itself because why look at the only part that would affect anything?
  • Took the time to upgrade to phpBB 3.3.2. This was a fantastic idea until I ran into a database error, "Row size too large. The maximum row size for the used table type, not counting BLOBs, is 8126." The profile fields data table had some rows that were too large (I guess?), so despite trying to delete the Google Plus column (which would reduce the row size), it just failed with this message. But there's a solution! What's that? It involves modifying the table's basic format? What a totally not terrifying idea! Let's read lots more and try to find some examples that don't regurgitate a developer writing for developers, utterly fail, and then give it a try, wondering if watching the sunrise is in my near future! (It worked, BTW.)
  • Altered the TLS settings for HTTPS for the entire server to restrict it to very modern ciphers, stripping out CBC and going with only GCM or POLY1305. Shouldn't affect anyone using vaguely modern software, but it does mean that Android prior to 4.4.2 (KitKat), Internet Explorer prior to 11, Java JRE/SDK prior to 8, and Safari prior to 9 will not work.
So, yeah. Things should work at least as well as they did, but with some interruptions over the next day or so as I get the IP address situation worked out. They might even be a little faster courtesy of the PHP-FPM installation and/or HTTP/2 actually working.
If I show up at your door, chances are you did something to bring me there.

User avatar
Deacon
Shining Adonis
Posts: 44194
Joined: Wed Jul 30, 2003 3:00 pm
Gender: Male
Location: Lakehills, TX

Re: Forum maintenance: Nov 2020

Post by Deacon » Sat Nov 28, 2020 7:12 am

Martin Blank wrote: Sat Nov 28, 2020 2:44 am
  • ISP moved us to a new set of IP addresses. Or, rather, one address out of five I'm supposed to get. The remaining four came in late, so expect some more downtime as I get the new addresses integrated.
You know, for whatever reason, I still can’t get to the site while mobile, only on WiFi. AT&T. I really don’t know why.
The follies which a man regrets the most in his life are those which he didn't commit when he had the opportunity. - Helen Rowland, A Guide to Men, 1922

User avatar
Martin Blank
Knower of Things
Knower of Things
Posts: 12684
Joined: Fri Feb 07, 2003 4:11 am
Real Name: Jarrod Frates
Gender: Male
Location: Dallas, TX

Re: Forum maintenance: Nov 2020

Post by Martin Blank » Sun Nov 29, 2020 1:50 am

Might be IPv6-related. I'll look into it.
If I show up at your door, chances are you did something to bring me there.

User avatar
Deacon
Shining Adonis
Posts: 44194
Joined: Wed Jul 30, 2003 3:00 pm
Gender: Male
Location: Lakehills, TX

Re: Forum maintenance: Nov 2020

Post by Deacon » Wed Dec 02, 2020 8:42 am

It works now! Both in general and even on mobile data. Well done!
The follies which a man regrets the most in his life are those which he didn't commit when he had the opportunity. - Helen Rowland, A Guide to Men, 1922

User avatar
Seannery
Redshirt
Posts: 119
Joined: Tue Aug 04, 2020 4:49 pm
Real Name: E. Marie Seannery

Re: Forum maintenance: Nov 2020

Post by Seannery » Wed Dec 02, 2020 4:39 pm

I've been unable to connect to the forum server the past couple days---at all. I've also noticed sometimes, I'd connect, but then loading browsing to another page, I'd get an bland page saying ``unauthorized''---then I'd reload the page, and it'd be fine. Sometimes, I'd connect fine, but the stylesheet wouldn't, or partially, load---sometimes, reloading didn't help, or made it worse. Perhaps notable: I'm using TOR to connect---some servers tend to have unnecessary problems with TOR, such as responding with `unauthorized' errors.
Do tell me, always, in what way I'm not good.. I'm not used to silent tolerance.
liberté, égalité, muliebrité
τ > π wrote: Fri Nov 27, 2020 2:57 amOnward! To our selves. To the future.

User avatar
Martin Blank
Knower of Things
Knower of Things
Posts: 12684
Joined: Fri Feb 07, 2003 4:11 am
Real Name: Jarrod Frates
Gender: Male
Location: Dallas, TX

Re: Forum maintenance: Nov 2020

Post by Martin Blank » Wed Dec 02, 2020 5:33 pm

Tor shouldn't present a problem for connectivity itself. What you can run into is IP address matching. Sessions have to match both the cookie (like session management on most sites) and I think the first two octets of an IPv4 address. If your tunnel shifts or restarts while you're in an area that requires special permissions, you can get that "Unauthorized" response.

The server has issues related to iproute2 in handling large numbers of IP addresses, especially IPv6. I've been trying to find a solution for years, but nothing seems to hold past a reboot, and sometimes not even manual configs. In the US, the mobile networks often prefer IPv6, which is good on principle, but it can cause some unexpected results.

It's a bit of a hobby server for me. It runs Debian test, so sometimes things get a little glitchy. For some reason, the web server was down last night and I haven't been able to figure out why. I restarted it, though, and it's been OK since, which suggests that it was not the PHP-FPM service.
If I show up at your door, chances are you did something to bring me there.

User avatar
Seannery
Redshirt
Posts: 119
Joined: Tue Aug 04, 2020 4:49 pm
Real Name: E. Marie Seannery

Re: Forum maintenance: Nov 2020

Post by Seannery » Wed Dec 02, 2020 6:14 pm

I think I know what you mean---sometimes, I'd just get logged out, despite the session id in the URL (when not using cookies) or the cookies not changing. I've been getting that since always, here, but it's been happening more often, recently, when not using cookies but the URL session id. I've been getting a different `unauthorized' error recently, mainly when not logged in---it's not the usual forum `you must be logged in' but like an HTTP error page.
The stylesheet errors are new, and I've been getting them about the same whether logged in or not.
Do tell me, always, in what way I'm not good.. I'm not used to silent tolerance.
liberté, égalité, muliebrité
τ > π wrote: Fri Nov 27, 2020 2:57 amOnward! To our selves. To the future.

User avatar
Martin Blank
Knower of Things
Knower of Things
Posts: 12684
Joined: Fri Feb 07, 2003 4:11 am
Real Name: Jarrod Frates
Gender: Male
Location: Dallas, TX

Re: Forum maintenance: Nov 2020

Post by Martin Blank » Fri Dec 04, 2020 3:14 am

I just went and checked the actual settings, and the session manager checks the first three octets. Tor seems to have gotten more aggressive about shifting tunnels in the last few years as a privacy mechanism. If you're using Tails or some other privacy-focused distro to run Tor, they might have their own tunnel change settings.

As for stylesheets, everything should be hosted locally, including jQuery (which isn't CSS, but is something most sites farm out to reduce bandwidth and take advantage of browser caching). I've purged the server cache, so let me know if that changes things.
If I show up at your door, chances are you did something to bring me there.

User avatar
Doc Giggles
Redshirt
Posts: 804
Joined: Fri Feb 14, 2003 8:13 am

Re: Forum maintenance: Nov 2020

Post by Doc Giggles » Fri Dec 04, 2020 7:41 am

I'm just glad that the "forgot password" reset started to work after the maintenance.
Disciple of Gnarr
“Let there be truth, happiness, and waffles”
-Nomad, Dark Lord & Avatar of Gnarr

User avatar
Seannery
Redshirt
Posts: 119
Joined: Tue Aug 04, 2020 4:49 pm
Real Name: E. Marie Seannery

Re: Forum maintenance: Nov 2020

Post by Seannery » Fri Dec 04, 2020 7:21 pm

Still getting all the same errors.
Do tell me, always, in what way I'm not good.. I'm not used to silent tolerance.
liberté, égalité, muliebrité
τ > π wrote: Fri Nov 27, 2020 2:57 amOnward! To our selves. To the future.

User avatar
Martin Blank
Knower of Things
Knower of Things
Posts: 12684
Joined: Fri Feb 07, 2003 4:11 am
Real Name: Jarrod Frates
Gender: Male
Location: Dallas, TX

Re: Forum maintenance: Nov 2020

Post by Martin Blank » Fri Dec 04, 2020 9:49 pm

Doc Giggles wrote: Fri Dec 04, 2020 7:41 am I'm just glad that the "forgot password" reset started to work after the maintenance.
I didn't know it was broken. :(
Seannery wrote: Fri Dec 04, 2020 7:21 pm
Still getting all the same errors.
Go to https://ipecho.net/plain before you visit the site to see what your apparent address is and note it, then check the same site after you get the error. Let's see if they change.
If I show up at your door, chances are you did something to bring me there.

User avatar
Seannery
Redshirt
Posts: 119
Joined: Tue Aug 04, 2020 4:49 pm
Real Name: E. Marie Seannery

Re: Forum maintenance: Nov 2020

Post by Seannery » Fri Dec 04, 2020 11:24 pm

Same address.
By the way, the error page:

Code: Select all

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access this resource.</p>
<hr>
<address>Apache Server at www.reallifeforums.com Port 443</address>
</body></html>
Do tell me, always, in what way I'm not good.. I'm not used to silent tolerance.
liberté, égalité, muliebrité
τ > π wrote: Fri Nov 27, 2020 2:57 amOnward! To our selves. To the future.

User avatar
Doc Giggles
Redshirt
Posts: 804
Joined: Fri Feb 14, 2003 8:13 am

Re: Forum maintenance: Nov 2020

Post by Doc Giggles » Fri Dec 04, 2020 11:49 pm

Martin Blank wrote: Fri Dec 04, 2020 9:49 pm I didn't know it was broken. :(
I kind of thought there was something odd going on. I sent a couple messages through the "Contact board administrator" option but never heard back. Sounds like the update came at just the right time.

What was happening was that I clicked the forgot password, opened the link in the email, entered a new password and got a blank page after clicking on submit. No confirmation that the password had been changed and the new password failed when I tried to log in.

Hopefully I was the only one stuck in that limbo.
Disciple of Gnarr
“Let there be truth, happiness, and waffles”
-Nomad, Dark Lord & Avatar of Gnarr

User avatar
Deacon
Shining Adonis
Posts: 44194
Joined: Wed Jul 30, 2003 3:00 pm
Gender: Male
Location: Lakehills, TX

Re: Forum maintenance: Nov 2020

Post by Deacon » Sat Dec 05, 2020 5:45 am

No errors over here. Still working on mobile now for the first time in a long time.
The follies which a man regrets the most in his life are those which he didn't commit when he had the opportunity. - Helen Rowland, A Guide to Men, 1922

User avatar
raptor9k
Redshirt
Posts: 1358
Joined: Tue May 15, 2007 8:33 pm
Gender: Male
Location: Arkansas

Re: Forum maintenance: Nov 2020

Post by raptor9k » Mon Dec 07, 2020 8:07 pm

I periodically get the 403 error page from time to time now. It seems to happen more when I click in a subforum, read a post, then click the board index link to back out to see what's unread. Chrome from Mac OS over AT&T.

Who is online

Users browsing this forum: Bing [Bot], Common Crawl (Research) and 1 guest